<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
 <head>
  <meta http-equiv="content-type" content="text/html; charset=UTF-8">
  <title>加密数据</title>
 </head>
 <body class="docs"><div id="layout">
  <div id="layout-content"><div id="function.openssl-encrypt" class="refentry">
 <div class="refnamediv">
  <h1 class="refname">openssl_encrypt</h1>
  <p class="verinfo">(PHP 5 &gt;= 5.3.0, PHP 7)</p><p class="refpurpose"><span class="refname">openssl_encrypt</span> &mdash; <span class="dc-title">加密数据</span></p>

 </div>

 <div class="refsect1 description" id="refsect1-function.openssl-encrypt-description">
  <h3 class="title">说明</h3>
  <div class="methodsynopsis dc-description">
   <span class="methodname"><strong>openssl_encrypt</strong></span>
    ( <span class="methodparam"><span class="type">string</span> <code class="parameter">$data</code></span>
   , <span class="methodparam"><span class="type">string</span> <code class="parameter">$method</code></span>
   , <span class="methodparam"><span class="type">string</span> <code class="parameter">$key</code></span>
   [, <span class="methodparam"><span class="type">int</span> <code class="parameter">$options</code><span class="initializer"> = 0</span></span>
   [, <span class="methodparam"><span class="type">string</span> <code class="parameter">$iv</code><span class="initializer"> = &quot;&quot;</span></span>
   [, <span class="methodparam"><span class="type">string</span> <code class="parameter reference">&$tag</code><span class="initializer"> = NULL</span></span>
   [, <span class="methodparam"><span class="type">string</span> <code class="parameter">$aad</code><span class="initializer"> = &quot;&quot;</span></span>
   [, <span class="methodparam"><span class="type">int</span> <code class="parameter">$tag_length</code><span class="initializer"> = 16</span></span>
  ]]]]] ) : <span class="type">string</span></div>

  <p class="para rdfs-comment">
   以指定的方式和 key 加密数据，返回原始或 base64 编码后的字符串。
  </p>
 </div>


 <div class="refsect1 parameters" id="refsect1-function.openssl-encrypt-parameters">
  <h3 class="title">参数</h3>
  <p class="para">
   <dl>

    
     <dt>
<code class="parameter">data</code></dt>

     <dd>

      <p class="para">
       待加密的明文信息数据。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">method</code></dt>

     <dd>

      <p class="para">
       密码学方式。<span class="function"><a href="openssl_get_cipher_methods.html" class="function">openssl_get_cipher_methods()</a></span> 可获取有效密码方式列表。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">key</code></dt>

     <dd>

      <p class="para">
       key。
      </p>
     </dd>

    
    
      <dt>
<code class="parameter">options</code></dt>

      <dd>

        <p class="para">
          <code class="parameter">options</code> 是以下标记的按位或：
          <strong><code>OPENSSL_RAW_DATA</code></strong> 、
          <strong><code>OPENSSL_ZERO_PADDING</code></strong>。
        </p>
      </dd>

    
    
     <dt>
<code class="parameter">iv</code></dt>

     <dd>

      <p class="para">
       非 NULL 的初始化向量。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">tag</code></dt>

     <dd>

      <p class="para">
       使用 AEAD 密码模式（GCM 或 CCM）时传引用的验证标签。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">aad</code></dt>

     <dd>

      <p class="para">
       附加的验证数据。
      </p>
     </dd>

    
    
     <dt>
<code class="parameter">tag_length</code></dt>

     <dd>

      <p class="para">
       验证 <code class="parameter">tag</code> 的长度。GCM 模式时，它的范围是 4 到 16。
      </p>
     </dd>

    
   </dl>

  </p>
 </div>


 <div class="refsect1 returnvalues" id="refsect1-function.openssl-encrypt-returnvalues">
  <h3 class="title">返回值</h3>
  <p class="para">
   成功时返回加密后的字符串， 或者在失败时返回 <strong><code>FALSE</code></strong>。
  </p>
 </div>


 <div class="refsect1 errors" id="refsect1-function.openssl-encrypt-errors">
  <h3 class="title">错误／异常</h3>
  <p class="para">
   <code class="parameter">method</code> 传入未知算法时，产生 <strong><code>E_WARNING</code></strong> 级别的错误。
  </p>
  <p class="para">
   <code class="parameter">iv</code> 传入空字符串时产生 <strong><code>E_WARNING</code></strong> 级别的错误。
  </p>
 </div>


 <div class="refsect1 changelog" id="refsect1-function.openssl-encrypt-changelog">
  <h3 class="title">更新日志</h3>
  <table class="doctable informaltable">
   
    <thead>
     <tr>
      <th>版本</th>
      <th>说明</th>
     </tr>

    </thead>

    <tbody class="tbody">
     <tr>
      <td>5.3.3</td>
      <td>
       增加 <code class="parameter">iv</code> 参数。
      </td>
     </tr>

     <tr>
      <td>5.4.0</td>
      <td>
       <code class="parameter">raw_output</code> 改到 <code class="parameter">options</code>。
      </td>
     </tr>

     <tr>
      <td>7.1.0</td>
      <td>增加了 <code class="parameter">tag</code>、<code class="parameter">aad</code>、<code class="parameter">tag_length</code> 参数</td>
     </tr>

    </tbody>
   
  </table>

 </div>



 <div class="refsect1 examples" id="refsect1-function.openssl-encrypt-examples">
  <h3 class="title">范例</h3>
  <p class="para">
   <div class="example" id="example-930">
    <p><strong>Example #1 PHP 7.1+  下 GCM 模式的 AES 认证加密例子</strong></p>
    <div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//$key&nbsp;should&nbsp;have&nbsp;been&nbsp;previously&nbsp;generated&nbsp;in&nbsp;a&nbsp;cryptographically&nbsp;safe&nbsp;way,&nbsp;like&nbsp;openssl_random_pseudo_bytes<br /></span><span style="color: #0000BB">$plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"message&nbsp;to&nbsp;be&nbsp;encrypted"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$cipher&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"aes-128-gcm"</span><span style="color: #007700">;<br />if&nbsp;(</span><span style="color: #0000BB">in_array</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">openssl_get_cipher_methods</span><span style="color: #007700">()))<br />{<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$ivlen&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$iv&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_random_pseudo_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$ciphertext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_encrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$plaintext</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$tag</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #FF8000">//store&nbsp;$cipher,&nbsp;$iv,&nbsp;and&nbsp;$tag&nbsp;for&nbsp;decryption&nbsp;later<br />&nbsp;&nbsp;&nbsp;&nbsp;</span><span style="color: #0000BB">$original_plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_decrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">0</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$tag</span><span style="color: #007700">);<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #0000BB">$original_plaintext</span><span style="color: #007700">.</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
    </div>

   </div>

   <div class="example" id="example-931">
    <p><strong>Example #2 PHP 5.6+ 的 AES 认证加密例子</strong></p>
    <div class="example-contents">
<div class="phpcode"><pre><span style="color: #000000">
<span style="color: #0000BB">&lt;?php<br /></span><span style="color: #FF8000">//$key&nbsp;previously&nbsp;generated&nbsp;safely,&nbsp;ie:&nbsp;openssl_random_pseudo_bytes<br /></span><span style="color: #0000BB">$plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #DD0000">"message&nbsp;to&nbsp;be&nbsp;encrypted"</span><span style="color: #007700">;<br /></span><span style="color: #0000BB">$ivlen&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">=</span><span style="color: #DD0000">"AES-128-CBC"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_random_pseudo_bytes</span><span style="color: #007700">(</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext_raw&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_encrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$plaintext</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">OPENSSL_RAW_DATA</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$hmac&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_hmac</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$as_binary</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">base64_encode</span><span style="color: #007700">(&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">.</span><span style="color: #0000BB">$hmac</span><span style="color: #007700">.</span><span style="color: #0000BB">$ciphertext_raw&nbsp;</span><span style="color: #007700">);<br /><br /></span><span style="color: #FF8000">//decrypt&nbsp;later....<br /></span><span style="color: #0000BB">$c&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">base64_decode</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ivlen&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_cipher_iv_length</span><span style="color: #007700">(</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">=</span><span style="color: #DD0000">"AES-128-CBC"</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$iv&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">0</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$hmac&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$sha2len</span><span style="color: #007700">=</span><span style="color: #0000BB">32</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$ciphertext_raw&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">substr</span><span style="color: #007700">(</span><span style="color: #0000BB">$c</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ivlen</span><span style="color: #007700">+</span><span style="color: #0000BB">$sha2len</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$original_plaintext&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">openssl_decrypt</span><span style="color: #007700">(</span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$cipher</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$options</span><span style="color: #007700">=</span><span style="color: #0000BB">OPENSSL_RAW_DATA</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$iv</span><span style="color: #007700">);<br /></span><span style="color: #0000BB">$calcmac&nbsp;</span><span style="color: #007700">=&nbsp;</span><span style="color: #0000BB">hash_hmac</span><span style="color: #007700">(</span><span style="color: #DD0000">'sha256'</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$ciphertext_raw</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$key</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$as_binary</span><span style="color: #007700">=</span><span style="color: #0000BB">true</span><span style="color: #007700">);<br />if&nbsp;(</span><span style="color: #0000BB">hash_equals</span><span style="color: #007700">(</span><span style="color: #0000BB">$hmac</span><span style="color: #007700">,&nbsp;</span><span style="color: #0000BB">$calcmac</span><span style="color: #007700">))</span><span style="color: #FF8000">//PHP&nbsp;5.6+&nbsp;timing&nbsp;attack&nbsp;safe&nbsp;comparison<br /></span><span style="color: #007700">{<br />&nbsp;&nbsp;&nbsp;&nbsp;echo&nbsp;</span><span style="color: #0000BB">$original_plaintext</span><span style="color: #007700">.</span><span style="color: #DD0000">"\n"</span><span style="color: #007700">;<br />}<br /></span><span style="color: #0000BB">?&gt;</span>
</span>
</pre></div>
    </div>

   </div>

  </p>
 </div>



 <div class="refsect1 seealso" id="refsect1-function.openssl-encrypt-seealso">
  <h3 class="title">参见</h3>
  <p class="para">
   <ul class="simplelist">
    <li class="member"><span class="function"><a href="openssl_decrypt.html" class="function" rel="rdfs-seeAlso">openssl_decrypt()</a> - 解密数据</span></li>
   </ul>
  </p>
 </div>


</div></div></div></body></html>